McAfee: Crypto-Mining Malware Grew By Over 4,000 Percent in 2018

Instances of crypto-mining malware increased by well over 4,000 percent this year, according to research from McAfee.

In its December 2018 report, the U.S.-based cybersecurity firm said that there were nearly four million new mining malware threats in the third quarter of 2018 alone, compared to less than 500,000 in 2017 and 2016.

A separate release giving specific numbers showed that the number of malicious crypto-miners grew nearly 55 percent in Q3 of 2018, with total malware growing 4,467 percent in the last four quarters.

Graph via McAfee

“Many ransomware actors [are] switching to a more lucrative business model: cryptomining,” the report states.

In a growing trend, cybercriminals have begun focusing on leveraging internet of things (IoT) devices for crypto mining, McAfee said. New malware targeting these devices saw a 72 percent increase and total IoT-targeting malware grew by 203 percent in the last four quarters.

Remco Verhoef, security researcher at McAfee, said:

“We would not usually think of using routers or IoT devices such as IP cameras or videorecorders as cryptominers because their CPUs are not as powerful as those in desktop and laptop computers. However, due to the lack of proper security controls, cybercriminals can benefit from volume over CPU speed. If they can control thousands of devices that mine for a long time, they can still make money.”

Verhoef also said that McAfee discovered a Mac OS threat named OSX.Dummy, which is being distributed on cryptomining chat groups. The malware, posted online, suggests that users download software to fix “crypto problems,” after which it injects its malicious code. This way, users essentially infected their own devices, he explained.

Back in July, over a million computers in China were hacked to mine more than $2 million-worth of cryptocurrencies over two years. Another survey by software company Citrix showed that almost 60 percent U.K. businesses had been hit by cryptocurrency mining malware in August.